Ubuntu
clamav package

Merge clamav from Debian unstable for lunar

Bug #1993390 reported by Bryce Harrington
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
clamav (Ubuntu)
Fix Released
Undecided
Bryce Harrington
Ubuntu ubuntu-22.12

Bug Description

Scheduled-For: ubuntu-23.01
Upstream: tbd
Debian: 0.103.7+dfsg-1
Ubuntu: 0.103.6+dfsg-1ubuntu1

### New Debian Changes ###

clamav (0.103.7+dfsg-1) unstable; urgency=medium

  * Import 0.103.7
    - Update symbol file.

 -- Sebastian Andrzej Siewior <email address hidden> Sun, 14 Aug 2022 21:33:51 +0200

clamav (0.103.6+dfsg-1) unstable; urgency=medium

  * Import 0.103.6
    - CVE-2022-20770 (Possible infinite loop vulnerability in the CHM file
      parser).
    - CVE-2022-20796 (Possible NULL-pointer dereference crash in the scan
      verdict cache check).
    - CVE-2022-20771 (Possible infinite loop vulnerability in the TIFF file
      parser).
    - CVE-2022-20785 (Possible memory leak in the HTML file parser/
      Javascript normalizer).
    - CVE-2022-20792 (Possible multi-byte heap buffer overflow write
      vulnerability in the signature database load module.
    - Update symbol file.

 -- Sebastian Andrzej Siewior <email address hidden> Thu, 12 May 2022 18:55:59 +0200

clamav (0.103.5+dfsg-1) unstable; urgency=medium

  * Import 0.103.5
   - CVE-2022-20698 (Fix for invalid pointer read that may cause a crash).
   - Update symbol file.

 -- Sebastian Andrzej Siewior <email address hidden> Wed, 12 Jan 2022 21:31:23 +0100

clamav (0.103.4+dfsg-1) unstable; urgency=medium

  * Import 0.103.4
   - Update symbol file.
  * Add clamonacc.8.
  * Install clamonacc only on Linux. Patch by Laurent Bigonvill
    (Closes: #992776).
  * Drop unused libidn11-dev dependency, suggested by Simon Josefsson
    (Closes: #991976).

 -- Sebastian Andrzej Siewior <email address hidden> Tue, 16 Nov 2021 22:03:15 +0100

clamav (0.103.3+dfsg-1) unstable; urgency=medium

  * Import 0.103.3
    - Update symbol file.
    - Regression: clamdscan segfaults with --fdpass --multipass and
      ExcludePath (Closes: #988218).
  * Remove clamav user on purge (Closes: #987861).
  * Remove freshclam.dat on purge.

 -- Sebastian Andrzej Siewior <email address hidden> Fri, 02 Jul 2021 00:06:16 +0200

clamav (0.103.2+dfsg-2) unstable; urgency=medium

  * Remove deprecated option SafeBrowsing from debconf templates.

 -- Sebastian Andrzej Siewior <email address hidden> Thu, 15 Apr 2021 21:59:11 +0200

clamav (0.103.2+dfsg-1) unstable; urgency=medium

  * Import 0.103.2
    - CVE-2021-1252 (Fix for Excel XLM parser infinite loop.)
    - CVE-2021-1404 (Fix for PDF parser buffer over-read; possible crash.)
    - CVE-2021-1405 (Fix for mail parser NULL-dereference crash.)
    - Update symbol file.
   (Closes: #986622).

 -- Sebastian Andrzej Siewior <email address hidden> Mon, 12 Apr 2021 21:31:08 +0200

clamav (0.103.0+dfsg-3.1) unstable; urgency=medium

  * Non-maintainer upload.
  * debian/patches: Apply upstream patch to fix call of ck_assert_msg (Closes:
    #980592)

 -- Sebastian Ramacher <email address hidden> Sun, 21 Feb 2021 16:00:07 +0100

clamav (0.103.0+dfsg-3) unstable; urgency=medium

  * Update apparmor profile for clamd. Thanks to Stefano Callegari.
    (Closes: #973619).

 -- Sebastian Andrzej Siewior <email address hidden> Tue, 03 Nov 2020 22:03:19 +0100

clamav (0.103.0+dfsg-2) unstable; urgency=medium

  * Update apparmor profile for freshclam. Thanks to Michael Borgelt.
    (Closes: #972974)
  * Fix testsuite in an IPv6 only environment (Closes: #963853).

 -- Sebastian Andrzej Siewior <email address hidden> Sun, 01 Nov 2020 20:29:46 +0100

clamav (0.103.0+dfsg-1) unstable; urgency=medium

  * Import 0.103.0
    - Drop CURL_CA_BUNDLE related patch, changes applied upstream.
    - Update symbol file.

### Old Ubuntu Delta ###

clamav (0.103.6+dfsg-1ubuntu1) kinetic; urgency=medium

  * clamav-base.postinst.in: Quell warning from check for clamav user
    (LP: #1920217)

 -- Bryce Harrington <email address hidden> Wed, 18 May 2022 17:26:41 -0700

Related branches

~bryce/ubuntu/+source/clamav:merge-v0.103.7adfsg-1-lunar
git-ubuntu bot: Approve
Christian Ehrhardt  (community): Approve
Canonical Server Reporter: Pending requested
Diff: 59 lines (+20/-2)
3 files modified
debian/changelog (+17/-0)
debian/clamav-base.postinst.in (+1/-1)
debian/control (+2/-1)
Bryce Harrington (bryce)
Changed in clamav (Ubuntu):
assignee: nobody → Bryce Harrington (bryce)
Bryce Harrington (bryce)
Changed in clamav (Ubuntu):
status: New → In Progress
Bryce Harrington (bryce)
summary: - Merge clamav from Debian unstable for l-series
+ Merge clamav from Debian unstable for lunar
Changed in clamav (Ubuntu):
milestone: none → ubuntu-22.12
Bryce Harrington (bryce)
Changed in clamav (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package clamav - 0.103.7+dfsg-1ubuntu1

---------------
clamav (0.103.7+dfsg-1ubuntu1) lunar; urgency=medium

  * Merge with Debian unstable (LP: #1993390). Remaining changes:
    - clamav-base.postinst.in: Quell warning from check for clamav user
      (LP #1920217)
  * Dropped:
    - Update translations

 -- Bryce Harrington <email address hidden> Fri, 18 Nov 2022 23:35:15 -0800

Changed in clamav (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.